indexo.dev

incavisalogrono.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-04 · ok HTTP/1.1 200 1992 ms crawled 2026-05-07

FR · 94.23.81.163 · AS16276 OVH SAS

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
VIAJES INCAVISA LOGROÑO
Description
agencia de viajes
Language
es

Technology

Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • www.panavision-tours.es×3
  • fonts.googleapis.com×1
  • www.termsfeed.com×1

Social

Contact

Email
Phone
Address
Avda. Portugal, 27-29 - Bajo 12600

Registration

Registrar
Arsys Internet, S.L. dba NICLINE.COM
Created
2013-12-27
Expires
2026-12-27 220 days left
Updated
2025-12-11
Name servers
  • dns1.posedente.com
  • dns2.posedente.com

DNS records live

NS
  • dns1.posedente.com
  • dns2.posedente.com
MX
  • 10 incavisalogrono-com.mail.protection.outlook.com
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; ruf=mailto:dmarc@posedente.com; fo=1:d:s
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuFBDZa2BVA1Z9lIcnTY5zV03r65Il45YAIDnDEe9MyrKUeCQ+DlUtoMNOyMvIfgNezlMtWIZUZ71AOYMGha…
selectors probed

Certificate (current)

R12
from 2026-03-14 to 2026-06-12
Expires in 23 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://incavisalogrono.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';

Links to (3)

Linked from (1)